System, method, and computer program product for maintaining transaction integrity over public networks

ABSTRACT

A method for maintaining transaction integrity for transactions performed over a public network includes: receiving a transaction message corresponding to an original transaction, the transaction message including a unique, client-assigned, first identifier; in response to receiving the transaction message, assigning a unique, second identifier to the original transaction; generating a request to process the original transaction including at least a portion of the transaction message and the second identifier; transmitting the request to an issuer server to process the original transaction; receiving a first response from the issuer server in connection with the original transaction; in response to the first response, generating a second response corresponding to the original transaction including the first identifier and the second identifier; and transmitting the second response to the client. A system and computer program product for maintaining transaction integrity for transactions performed over a public network is also disclosed.

CROSS-REFERENCE TO RELATED APPLICATION

This application is the United States national phase of InternationalApplication No. PCT/US2017/034993 filed May 30, 2017, the disclosure ofwhich is hereby incorporated by reference in its entirety.

BACKGROUND Technical Field

This disclosure relates to transaction integrity and, in particular, toa system, method, and computer program product for maintainingtransaction integrity for transactions performed over a public network.

Technical Considerations Description of Related Art

After a transaction between a consumer and a merchant, details regardingthe transaction are submitted in an original message to a transactionservice provider to be correctly authorized, cleared, and settled, whilemaintaining transaction integrity. The transaction service provider isalso responsible for managing the lifecycle of each particulartransaction submitted, which may include follow-on messages to theoriginal message. These follow-on messages must also be correctlymatched, logged, and retained to maintain transaction integrity.

Currently, transactions submitted to transaction service providers aretransmitted over private networks, in order to securely maintaintransaction integrity. In submitting the original message to thetransaction service provider in the form of a transaction message, theclient (such as a point-of-sale system, merchant, acquirer, paymentfacilitator, or the like) submits the transaction information. Thetransaction service provider processes the transaction message andgenerates and responds with a unique identifier by which the client canrefer to the transaction to follow-up with the transaction serviceprovider. However, in the cases in which the transaction serviceprovider fails to send back a unique identifier before a follow-onmessage is required, the client is left without a reference forfollow-up activity. Further, for each transaction submitted to thetransaction service provider, the client must include a fullspecification of information in the transaction message, much of whichcan be redundant. Any information missing from this full specificationcan result in the transaction submission being bounced back to theclient.

In order to transport a transaction message to a transaction serviceprovider, current solutions require an access device, such as a serveror router, to effectuate secure communications between a client and atransaction service provider. Such physical systems often need tocontinually or periodically communicate with the transaction serviceprovider to report its status and require clients to invest in physicalpayment processing infrastructure in order to accept payments.

Therefore, there is a need in the art to provide a new, improved paymentprocessing network and architecture for clients to securely submittransactions to a transaction service provider.

SUMMARY

Accordingly, provided is an improved system, method, and computerprogram product for maintaining transaction integrity for transactionsperformed over a public network that overcomes some or all of thedeficiencies of the prior art.

According to some non-limiting embodiments or aspects provided is amethod of maintaining transaction integrity for transactions performedover a public network. The method includes: (i) receiving, from a clientdevice, a transaction message corresponding to an original transaction,the transaction message including a unique, client-assigned, firstidentifier; (ii) in response to receiving the transaction message,assigning a unique, second identifier to the original transaction; (iii)generating a request to process the original transaction including atleast a portion of the transaction message and the second identifier;(iv) transmitting the request to an issuer server to process theoriginal transaction; (v) receiving a first response from the issuerserver in connection with the original transaction; (vi) in response tothe first response, generating a second response corresponding to theoriginal transaction, the second response including the first identifierand the second identifier; and (vii) transmitting the second response tothe client device.

According to some non-limiting embodiments or aspects, provided is asystem for maintaining transaction integrity for transactions performedover a public network, including at least one server computer includingat least one processor. The at least one server computer is programmedand/or configured to: (i) receive, from a client device, a transactionmessage corresponding to an original transaction, the transactionmessage including a unique, client-assigned, first identifier; (ii) inresponse to receiving the transaction message, assign a unique, secondidentifier to the original transaction; (iii) generate a request toprocess the original transaction including at least a portion of thetransaction message and the second identifier; (iv) transmit the requestto an issuer server to process the original transaction; (v) receive afirst response from the issuer server in connection with the originaltransaction; (vi) in response to the first response, generate a secondresponse corresponding to the original transaction including the firstidentifier and the second identifier; and (vii) transmit the secondresponse to the client device.

According to some non-limiting embodiments or aspects, provided is amethod of maintaining transaction integrity for transactions performedover a public network. The method includes: (i) receiving, from a clientdevice, a transaction message corresponding to an original transactionvia a public internet connection, the transaction message including aunique, client-assigned, first identifier; (ii) generating a request toprocess the original transaction including at least a portion of thetransaction message; (iii) transmitting the request to an issuer serverto process the original transaction; (iv) receiving a first responsefrom the issuer server corresponding to the original transaction; (v) inresponse to receiving the first response, generating a second responsecorresponding to the original transaction including the firstidentifier; and (vi) transmitting the second response to the clientdevice via the public internet connection.

According to some non-limiting embodiments or aspects provided is acomputer program product for maintaining transaction integrity fortransactions performed over a public network, including at least onenon-transitory computer-readable medium including program instructionsthat, when executed by at least one processor, cause the at least oneprocessor to: receive, from a client device, a transaction messagecorresponding to an original transaction, the transaction messageincluding a unique, client-assigned, first identifier; in response toreceiving the transaction message, assign a unique, second identifier tothe original transaction; generate a request to process the originaltransaction including at least a portion of the transaction message andthe second identifier; transmit the request to an issuer server toprocess the original transaction; receive a first response from theissuer server in connection with the original transaction; in responseto the first response, generate a second response corresponding to theoriginal transaction comprising the first identifier and the secondidentifier; and transmit the second response to the client device.

Further non-limiting embodiments or aspects are set forth in thefollowing numbered clauses:

Clause 1: A method of maintaining transaction integrity for transactionsperformed over a public network, comprising: receiving, from a clientdevice, a transaction message corresponding to an original transaction,the transaction message comprising a unique, client-assigned, firstidentifier; in response to receiving the transaction message, assigninga unique, second identifier to the original transaction; generating arequest to process the original transaction comprising at least aportion of the transaction message and the second identifier;transmitting the request to an issuer server to process the originaltransaction; receiving a first response from the issuer server inconnection with the original transaction; in response to the firstresponse, generating a second response corresponding to the originaltransaction, the second response comprising the first identifier and thesecond identifier; and transmitting the second response to the clientdevice.

Clause 2: The method of clause 1, wherein after receiving the firstresponse, a unique, third identifier is assigned and included in thesecond response.

Clause 3: The method of clause 1 or 2, further comprising: storing dataassociated with the client device or a merchant or acquirer associatedwith the client device; and augmenting the transaction message with thestored data associated with the client device or the merchant associatedwith the client device.

Clause 4: The method of any of clauses 1-3, further comprising:receiving a follow-on message from the client device, the follow-onmessage comprising the first identifier; and associating the follow-onmessage with the original transaction.

Clause 5: The method of any of clauses 1-4, wherein the transactionmessage is received via a public internet connection.

Clause 6: The method of any of clauses 1-5, wherein the first identifieris generated by the client device.

Clause 7: The method of any of clauses 1-6, wherein a plurality oftransaction messages are received from the client device, wherein eachof the plurality of transaction messages comprises a first identifier,and wherein the first identifier of each transaction message isdifferent from the first identifier of the other transaction messages.

Clause 8: The method of any of clauses 1-7, wherein the follow-onmessage comprises at least one of a reversal message and a completionmessage.

Clause 9: The method of any of clauses 1-8, wherein each responsegenerated and transmitted to the client device corresponding to theoriginal transaction comprises the first identifier contained in thetransaction message corresponding to the original transaction.

Clause 10: The method of any of clauses 1-9, wherein the follow-onmessage is received and associated with the original transaction beforeor after the second response is transmitted to the client device.

Clause 11: A system for maintaining transaction integrity fortransactions performed over a public network, comprising at least oneserver computer including at least one processor, the at least oneserver computer programmed and/or configured to: receive, from a clientdevice, a transaction message corresponding to an original transaction,the transaction message comprising a unique, client-assigned, firstidentifier; in response to receiving the transaction message, assign aunique, second identifier to the original transaction; generate arequest to process the original transaction comprising at least aportion of the transaction message and the second identifier; transmitthe request to an issuer server to process the original transaction;receive a first response from the issuer server in connection with theoriginal transaction; in response to the first response, generate asecond response corresponding to the original transaction comprising thefirst identifier and the second identifier; and transmit the secondresponse to the client device.

Clause 12: The system of clause 11, wherein the at least one servercomputer is further programmed and/or configured to: after receiving thefirst response, assign a unique, third identifier and include the thirdidentifier in the second response.

Clause 13: The system of clause 11 or 12, wherein the at least oneserver computer is further programmed and/or configured to: store dataassociated with the client device or a merchant or acquirer associatedwith the client device; and augment the transaction message with thestored data associated with the client device or the merchant associatedwith the client device.

Clause 14: The system of any of clauses 11-13, wherein the at least oneserver computer is further programmed and/or configured to: receive afollow-on message from the client device, the follow-on messagecomprising the first identifier; and associate the follow-on messagewith the original transaction.

Clause 15: The system of any of clauses 11-14, wherein the transactionmessage is received via a public internet connection.

Clause 16: The system of any of clauses 11-15, wherein the firstidentifier is generated by a client associated with the client device.

Clause 17: The system of any of clauses 11-16, wherein the at least oneserver computer is further programmed and/or configured to: receive aplurality of transaction messages from the client device, wherein eachof the plurality of transaction messages comprises a first identifier,wherein the first identifier of each transaction message is differentfrom the first identifier of the other transaction messages.

Clause 18: The system of any of clauses 11-17, wherein each responsegenerated and transmitted to the client device corresponding to theoriginal transaction comprises the first identifier contained in thetransaction message corresponding to the original transaction.

Clause 19: The system of any of clauses 11-18, wherein the at least oneserver computer is further programmed and/or configured to receive andassociate the follow-on message with the original transaction before orafter the second response is transmitted to the client device.

Clause 20: A method of maintaining transaction integrity fortransactions performed over a public network, comprising: receiving,from a client device, a transaction message corresponding to an originaltransaction via a public internet connection, the transaction messagecomprising a unique, client-assigned, first identifier; generating arequest to process the original transaction comprising at least aportion of the transaction message; transmitting the request to anissuer server to process the original transaction; receiving a firstresponse from the issuer server corresponding to the originaltransaction; in response to receiving the first response, generating asecond response corresponding to the original transaction comprising thefirst identifier; and transmitting the second response to the clientdevice via the public internet connection.

Clause 21: The method of any of clauses 1-10 and 20, wherein the clientdevice comprises at least one of: an acquirer host computer, a merchantpoint-of-sale (POS) system, a computer, a portable computer, a tabletcomputer, a cellular phone, a wearable device, and/or a personal digitalassistant (PDA).

Clause 22: The system of any of clauses 11-19, wherein the client devicecomprises at least one of: an acquirer host computer, a merchantpoint-of-sale (POS) system, a computer, a portable computer, a tabletcomputer, a cellular phone, a wearable device, and/or a personal digitalassistant (PDA).

Clause 23: A computer program product for maintaining transactionintegrity for transactions performed over a public network, comprisingat least one non-transitory computer-readable medium including programinstructions that, when executed by at least one processor, cause the atleast one processor to: receive, from a client device, a transactionmessage corresponding to an original transaction, the transactionmessage comprising a unique, client-assigned, first identifier; inresponse to receiving the transaction message, assign a unique, secondidentifier to the original transaction; generate a request to processthe original transaction comprising at least a portion of thetransaction message and the second identifier; transmit the request toan issuer server to process the original transaction; receive a firstresponse from the issuer server in connection with the originaltransaction; in response to the first response, generate a secondresponse corresponding to the original transaction comprising the firstidentifier and the second identifier; and transmit the second responseto the client device.

These and other features and characteristics of the present disclosure,as well as the methods of operation and functions of the relatedelements of structures and the combination of parts and economies ofmanufacture, will become more apparent upon consideration of thefollowing description and the appended claims with reference to theaccompanying drawings, all of which form a part of this specification,wherein like reference numerals designate corresponding parts in thevarious figures. It is to be expressly understood, however, that thedrawings are for the purpose of illustration and description only andare not intended as a definition of the limits of the disclosure. Asused in the specification and the claims, the singular form of “a,”“an,” and “the” include plural referents unless the context clearlydictates otherwise.

BRIEF DESCRIPTION OF THE DRAWINGS

Additional advantages and details of the disclosure are explained ingreater detail below with reference to the exemplary embodiments thatare illustrated in the accompanying schematic figures, in which:

FIG. 1 is a schematic diagram of a non-limiting embodiment or aspect ofa system for maintaining transaction integrity for transactionsperformed over a public network;

FIG. 2 is another schematic diagram of a non-limiting embodiment oraspect of a system for maintaining transaction integrity fortransactions performed over a public network;

FIG. 3 is a message flow diagram of a non-limiting embodiment or aspectof a method for maintaining transaction integrity for transactionsperformed over a public network;

FIG. 4A is a schematic diagram of a non-limiting embodiment or aspect ofa system for communicating transaction specifications to a transactionservice provider;

FIG. 4B is a schematic diagram of a non-limiting embodiment or aspect ofa system for augmenting transaction specifications submitted to atransaction service provider;

FIG. 5 is a step diagram of a non-limiting embodiment or aspect of amethod for maintaining transaction integrity for transactions performedover a public network;

FIG. 6 is another step diagram of a non-limiting embodiments or aspectof a method for maintaining transaction integrity for transactionsperformed over a public network;

FIG. 7 is a step diagram of a non-limiting embodiment or aspect of amethod for augmenting client specifications submitted to a transactionservice provider; and

FIG. 8 is a step diagram of a non-limiting embodiment or aspect of amethod for associating a follow-on message with an original transaction.

DETAILED DESCRIPTION

For purposes of the description hereinafter, the terms “end,” “upper,”“lower,” “right,” “left,” “vertical,” “horizontal,” “top,” “bottom,”“lateral,” “longitudinal,” and derivatives thereof shall relate to thedisclosure as it is oriented in the drawing figures. However, it is tobe understood that the disclosure may assume various alternativevariations and step sequences, except where expressly specified to thecontrary. It is also to be understood that the specific devices andprocesses illustrated in the attached drawings, and described in thefollowing specification, are simply exemplary embodiments or aspects ofthe disclosure. Hence, specific dimensions and other physicalcharacteristics related to the embodiments or aspects disclosed hereinare not to be considered as limiting.

As used herein, the terms “communication” and “communicate” refer to thereceipt or transfer of one or more signals, messages, commands, or othertype of data. For one unit (e.g., any device, system, or componentthereof) to be in communication with another unit means that the oneunit is able to directly or indirectly receive data from and/or transmitdata to the other unit. This may refer to a direct or indirectconnection that is wired and/or wireless in nature. Additionally, twounits may be in communication with each other even though the datatransmitted may be modified, processed, relayed, and/or routed betweenthe first and second unit. For example, a first unit may be incommunication with a second unit even though the first unit passivelyreceives data and does not actively transmit data to the second unit. Asanother example, a first unit may be in communication with a second unitif an intermediary unit processes data from one unit and transmitsprocessed data to the second unit. It will be appreciated that numerousother arrangements are possible.

As used herein, the terms “issuing institution,” “portable financialdevice issuer,” “issuer,” or “issuer bank” may refer to one or moreentities that provide accounts to customers for conducting paymenttransactions, such as initiating credit and/or debit payments. Forexample, an issuing institution may provide an account identifier, suchas a personal account number (PAN), to a customer that uniquelyidentifies one or more accounts associated with that customer. Theaccount identifier may be embodied on a portable financial device suchas a physical financial instrument, e.g., a payment card, and/or may beelectronic and used for electronic payments. As used herein, the term“account identifier” may include one or more PANs, tokens, or otheridentifiers associated with a customer account. The term “token” mayrefer to an identifier that is used as a substitute or replacementidentifier for an original account identifier, such as a PAN. Accountidentifiers may be alphanumeric or any combination of characters and/orsymbols. Tokens may be associated with a PAN or other original accountidentifier in one or more databases such that they may be used toconduct a transaction without directly using the original accountidentifier. In some examples, an original account identifier, such as aPAN, may be associated with a plurality of tokens for differentindividuals or purposes. An issuing institution may be associated with abank identification number (BIN) that uniquely identifies it. The terms“issuing institution” and “issuing institution system” may also refer toone or more computer systems operated by or on behalf of an issuinginstitution, such as a server computer executing one or more softwareapplications. For example, an issuing institution system may include oneor more authorization servers for authorizing a payment transaction.

As used herein, the term “merchant” refers to an individual or entitythat provides goods and/or services, or access to goods and/or services,to customers (also referred to herein interchangeably as a “consumer”)based on a transaction, such as a payment transaction. “Merchant” mayalso refer to one or more computer systems operated by or on behalf of amerchant, such as a server computer executing one or more softwareapplications. As used herein, a “merchant point-of-sale (POS) system”may refer to one or more computers and/or peripheral devices used by amerchant to engage in payment transactions with customers, including oneor more card readers, near-field communication (NFC) receivers, RFIDreceivers, and/or other contactless transceivers or receivers,contact-based receivers, payment terminals, computers, servers, inputdevices, and/or other like devices that may be used to initiate apayment transaction. A merchant POS system may also include one or moreserver computers programmed or configured to process online paymenttransactions through webpages, mobile applications, and/or the like.

As used herein, the term “transaction service provider” may refer to anentity that receives transaction authorization requests from merchantsor other entities and provides guarantees of payment, in some casesthrough an agreement between the transaction service provider and theissuing institution. The term “transaction service provider” may alsorefer to one or more computer systems operated by or on behalf of atransaction service provider, such as a transaction processing serverexecuting one or more software applications. A transaction processingserver may include one or more processors and, in some non-limitingembodiments or aspects, may be operated by or on behalf of a transactionservice provider.

As used herein, the term “acquirer” may refer to an entity licensed bythe transaction service provider and approved by the transaction serviceprovider to originate transactions using a portable financial device ofthe transaction service provider. The transactions may includepurchases, original credit transactions (OCTs), account fundingtransactions (AFTs), and other like payment transactions. The acquirermay be authorized by the transaction service provider to sign merchantor service providers to originate transactions using a portablefinancial device of the transaction service provider. The acquirer maycontract with payment facilitators to enable the facilitators to sponsormerchants. The acquirer may monitor compliance of the paymentfacilitators in accordance with regulations of the transaction serviceprovider. The acquirer may conduct due diligence of payment facilitatorsand ensure proper due diligence occurs before signing a sponsoredmerchant. Acquirers may be liable for all transaction service providerprograms that they operate or sponsor. Acquirers may be responsible forthe acts of its payment facilitators and the merchants it or its paymentfacilitators sponsor. An acquirer may be a financial institution, suchas a bank.

As used herein, the term “portable financial device” may refer to apayment card (e.g., a credit or debit card), a gift card, a smartcard,smart media, a payroll card, a healthcare card, a wrist band, amachine-readable medium containing account information, a keychaindevice or fob, an RFID transponder, a retailer discount or loyalty card,a cellular phone, an electronic wallet application, a personal digitalassistant, a pager, a security card, a computer, an access card, awireless terminal, and/or a transponder, as examples. The portablefinancial device may include a volatile or a non-volatile memory tostore information, such as an account identifier or a name of theaccount holder.

As used herein, the term “payment facilitator” may refer to a paymentprocessing system operated by or on behalf of an entity that contractswith an acquirer to provide transaction service provider paymentservices using portable financial devices of the transaction serviceprovider to merchants sponsored by the payment facilitator. A paymentfacilitator may also refer to the entity that operates such a paymentprocessing system. The payment facilitator may monitor all of itssponsored merchant activity in accordance with regulations of thetransaction service provider.

As used herein, the terms “client” and “client device” may refer to oneor more client-side devices or systems, remote from a transactionservice provider, used to initiate or facilitate a transaction. As anexample, a “client device” may refer to one or more point-of-sale (POS)systems used by a merchant or an acquirer host computer used by anacquirer. It will be appreciated that a client device may be anyelectronic device configured to communicate with one or more networksand initiate or facilitate transaction such as, but not limited to, oneor more computers, portable computers, tablet computers, cellularphones, wearable devices (e.g., watches, glasses, lenses, clothing,and/or the like), personal digital assistants (PDAs), and/or other likedevices. Moreover, a “client” may also refer to an entity, such as amerchant or acquirer that owns, utilizes, and/or operates a clientdevice for initiating transactions with a transaction service provider.

As used herein, the term “server” may refer to or include one or morecomputing devices, such as processors, storage devices, and/or similarcomputer components that communicate with client devices and/or othercomputing devices over a network environment, such as the internet orprivate networks, and, in some examples, facilitate communication amongother servers and/or client devices. It will be appreciated that variousother arrangements are possible. As used herein, the term “system”refers to one or more computing devices or combinations of computingdevices, such as but not limited to processors, servers, client devices,software applications, and/or other like components.

Non-limiting embodiments of the present disclosure are directed to asystem, method, and computer program product for maintaining transactionintegrity for transactions performed over public networks. Non-limitingembodiments of the disclosure allow clients to transmit transactionmessages from a client device to a transaction service provider over apublic network, such as a public internet connection, while maintainingtransaction integrity. In non-limiting embodiments, client devicesprovide and/or generate a unique identifier when submitting atransaction, such that the unique identifier can later be used inreference to the transaction being submitted to allow transactionintegrity to be maintained. This arrangement improves currenttransaction processing systems in which a unique identifier is notassociated with a transaction until a transaction request is received bya remote server. The improved arrangement provided by non-limitingembodiments allows for the client device to submit follow-on messagescorresponding to an original transaction that can be matched to theoriginal transaction to maintain transaction integrity. In existingpayment processing systems, by contrast, a client device is unable tosubmit follow-on messages that can be easily acted upon by thetransaction service provider unless and until receiving a uniqueidentifier to correlate the follow-on messages with the originaltransaction. An augmenting action may be performed by the transactionservice provider to augment data submitted regarding a transaction sothat the client needs to only submit reduced specifications for eachtransaction.

Referring to FIG. 1, a system 100 for maintaining transaction integrityfor transactions conducted over a public network is shown according tosome non-limiting embodiments or aspects. In the system 100 in FIG. 1,non-limiting embodiment or aspect is shown in which a client system 11including a client device 14 communicates with a transaction processingserver 18 of a transaction service provider 15 over the internet 16. Theclient device 14 may communicate with the transaction processing server18 to further process a transaction. In this non-limiting embodiment oraspect, the client system 11 may be any entity or entities arrangedbetween the consumer 10 and the transaction processing server 18. Innon-limiting embodiments, the client system 11 may include a merchantsystem, such as a merchant POS system, an acquirer server of anacquirer, a mobile device of a consumer 10, a payment facilitator serverof a payment facilitator, such as but not limited to a payment gateway,and/or any combination thereof. According to the non-limiting embodimentor aspect shown in FIG. 1, a consumer 10 may initiate a transaction witha client system 11 having the client device 14. The transaction may be atransaction in exchange for goods and/or services provided by amerchant. The transaction may be initiated using a portable financialdevice held by the consumer 10 and accepted by the client system 11. Insome non-limiting embodiments or aspects, the transaction may be apurchase of goods and/or services by the consumer 10 from a merchantusing a credit card, debit card, and/or electronic wallet applicationaccepted by the client system 11. For instance, the transaction may beconducted between the consumer 10 and the client system 11 at a merchantbrick-and-mortar location, on a merchant website, or via a smartphoneapplication of the merchant. However, it will be appreciated that theconsumer 10 and/or the client system 11 may initiate the transactionthrough any suitable channel.

With continued reference to FIG. 1, the client device 14 of the clientsystem 11 may communicate transaction messages to one or moretransaction service providers 15 (e.g., transaction processing servers18 of transaction service providers 15). In some non-limitingembodiments or aspects, the client device 14 may include a device thatis part of a merchant system, such as a merchant POS system. In somenon-limiting embodiments or aspects, the client device 14 may be adevice that is part of an acquirer system of an acquirer, such as anacquirer server. In some non-limiting embodiments or aspects, the clientdevice 14 may include a device that is part of a system of some otherpayment facilitator operating between the consumer 10 and thetransaction processing server 18, such as a payment gateway. In furthernon-limiting embodiments, the client device 14 may include a mobiledevice operated by the consumer 10. The client device 14 may processtransactions initiated using a consumer's portable financial device bygenerating a transaction message and communicating it to the transactionprocessing server 18 to facilitate processing of the transaction, suchas for authorization, clearing, and settlement of the transaction. Thetransaction may be authorized by communicating transaction data to anacquirer server to request that the sale be permitted to proceed. Theauthorization request may be transmitted from the transaction processingserver 18 and/or the transaction service provider 15 to an issuer server20 of an issuer, to ultimately authorize or deny the transaction. Thesettlement may be cleared by an acquirer server collecting a number oftransactions sent from a merchant system, such as all transactions for aparticular day or other time period, and submitting those transactionsto the appropriate issuer server 20. The issuer server 20, aftersubtracting out any fees, communicates the transaction value associatedwith the transactions it received from the acquirer server to theacquirer server and debits each consumer account corresponding to thetransactions accordingly. The transaction may be settled by the acquirersubtracting out its fees from the transaction value it receives from theacquirer server and communicating and/or allocating the remainder to themerchant system.

With continued reference to FIG. 1, the client device 14 may communicatetransaction messages corresponding to an original transaction (such as atransaction between the client system 11 and the consumer 10). Thetransaction message may be communicated over a public network 16, suchas a public internet connection 16 (hereinafter “internet”). Thetransaction message may be communicated over the internet 16 using anApplication Programming Interface (API) provided by the transactionprocessing server 18. The API may be a representational state transfer(REST) API provided by the transaction processing server 18, although itwill be appreciated that various interfaces may be used. The clientdevice 14 may access the API using any means, such as using a website ormobile application. Various custom applications and/or systems developedand/or offered by the client system 11, the transaction processingserver 18, and/or issuer server 20 may utilize the APIs to facilitatetransactions. Since the transaction message may be communicated over theinternet 16, specialized hardware for communicating transaction messagesover a private network may not be needed.

With continued reference to FIG. 1 the transaction processing server 18may communicate with an issuer server 20 and/or an acquirer server inconnection with the transaction message received from the client device14. The transaction processing server 18 may communicate with the issuerserver 20 for processing the original transaction corresponding to thetransaction message. The transaction processing server 18 maycommunicate with the acquirer server to communicate settlement reportsand other processed or unprocessed data associated with processing theoriginal transaction corresponding to the transaction message 24.

Referring to FIG. 2, a system 200 for maintaining transaction integrityfor transactions conducted over a public network is shown according to anon-limiting embodiment or aspect. The components of the system 100 inFIG. 1 include all of the capabilities and characteristics of thecomponents from the system 200 of FIG. 2 having like reference numbers.The system 200 of FIG. 2 is an example of a non-limiting embodiment oraspects of the system 100 described in FIG. 1.

According to the non-limiting embodiment or aspect shown in FIG. 2, theclient system 11 shown in FIG. 1 may include at least a merchant system12 having the client device 14 (e.g., a merchant POS device) and anacquirer server 22. The client device 14 may communicate with theconsumer 10 to complete a transaction between the consumer 10 and themerchant. The transaction may be initiated using a portable financialdevice held by the consumer 10 and accepted by the merchant. In somenon-limiting embodiments or aspects, the transaction may be a purchaseof goods and/or services by the consumer 10 from the merchant using acredit card, debit card, and/or electronic wallet application acceptedby the client device 14. For instance, the transaction may be conductedat a merchant brick-and-mortar location, on a merchant website, or via asmartphone application of the merchant. However, it will be appreciatedthat the consumer 10 and the client device 14 may initiate thetransaction through any suitable channel.

The client device 14 of the merchant system 12 may communicate with theacquirer server 22. The acquirer server 22 may communicate with thetransaction processing server 18 for processing transactions of themerchant. In some non-limiting embodiments or aspects, the client device14 may communicate directly with the transaction processing server 18for processing transactions of the merchant. The client device 14 maycommunicate with the transaction processing server 18 over the internet16, as described in connection with the system 100 in FIG. 1.

Referring to FIG. 3, a message flow diagram 300 for maintainingtransaction integrity for transactions conducted over a public networkis shown according to a non-limiting embodiment or aspect. An originalmessage 23 in the form of a transaction message 24 may be transmittedfrom the client device 14 to the transaction service provider 15. Asshown in FIG. 3, the client device 14 includes a client application forgenerating the transaction message 24 and a transport layer forcommunicating the transaction message 24. The transaction serviceprovider 15 provides and/or supports a front-end application andprocessing logic. For example, a transaction processing server (notshown in FIG. 3) operated by or on behalf of the transaction serviceprovider 15 may include a front-end application for communicating withthe client device 14 and processing logic for communicating with theissuer server 20. It will be appreciated, however, that variousarrangements of the client device 14 and transaction processing serverare possible.

As used herein, the term “original message” may refer to the firstmessage associated with an interaction, such as the first messageassociated with a specific transaction or a group of transactions. Thetransaction message 24 may be a message that includes data correspondingto a specific original transaction or group of transactions. Thetransaction message 24 may be a payment request. The data included inthe transaction message 24 may include data relevant for processing thetransaction, and this data may include, for example: consumer name,consumer's portable financial device account identifier (e.g., 16 digitPAN), goods and/or services purchased, type of goods and/or servicespurchased, quantity of goods and/or services purchased, barcode dataand/or unique identifier(s) corresponding to the goods and/or servicespurchased, merchant name, merchant identification number, merchantaddress and other contact information, location of sale, point-of-saledetails, acquirer details (e.g., acquirer bank identification number(BIN)), and the like. The information contained in the transactionmessage 24 may include the information required to process thetransaction.

With continued reference to FIG. 3, the transaction message 24 may becommunicated from the client device 14 to the transaction serviceprovider 15, such as to the transaction processing server. As describedherein, the transaction message 24 may be sent to the transactionservice provider 15 over a public internet connection, as opposed toover a private connection, for ease of use to the client device 14. Thetransaction message 24 corresponding to the original transaction mayinclude a first identifier 26 (e.g., a correlation identifier). Thefirst identifier 26 may be generated and/or assigned before thetransaction message 24 is communicated to the transaction serviceprovider 15. The first identifier 26 may be generated and/or assigned bythe merchant system 12 and/or the client device 14. The first identifier26 may be a unique, client-assigned identifier. The first identifier 26may be in any form, such as an alphanumeric combination or anycombination of characters and/or symbols. The first identifier 26generated and/or assigned by the client device 14 to a first transactionmay be different from the first identifier 26 assigned to a prior orsubsequent transaction from the client device 14. For example, theclient device 14 may assign the first identifier 26 to a transactionsuch that no other transaction the client device 14 communicates in atransaction message 24 has the identical first identifier 26. Thisallows the client device 14 and/or the transaction service provider 15to identify a particular transaction from the client device 14 using thefirst identifier 26, in some cases without any additional data. Inaddition, the first identifier 26 being assigned to the transactionbefore being sent to the transaction service provider 15 advantageouslyprovides the client device 14 with a unique identifier in the case thatthe transaction service provider 15 has not responded yet to thetransaction message 24 with any other identifier for the originaltransaction corresponding to the transaction message 24.

With continued reference to FIG. 3, in response to receiving thetransaction message 24, the transaction service provider 15 may assign aunique, second identifier 28 (e.g., a transaction identifier) to theoriginal transaction. The second identifier 28 may be generated and/orassigned by the transaction service provider 15 after receipt of thetransaction message 24 from the client device 14 and after the clientdevice 14 has generated and/or assigned the first identifier 26. Thesecond identifier 28 may be a unique, transaction serviceprovider-assigned identifier. The second identifier 28 may be in anyform, such as an alphanumeric combination or any combination ofcharacters and/or symbols. The transaction service provider 15, inresponse to generating and/or assigning the second identifier 28, mayassociate the first identifier 26 and second identifier 28 in a databaseto correlate the two identifiers. The second identifier 28 assigned to afirst transaction may be different from the second identifier 28assigned to a prior or subsequent transaction from the client device 14sending the transaction message 24 or any other client device of thetransaction service provider 15. For example, the transaction serviceprovider 15 may assign the second identifier 28 to a transaction suchthat no other transaction received by the transaction service provider15 from any client device, ever or during a predetermined time period,has the identical second identifier 28. This allows the client device 14and/or the transaction service provider 15 to identify a particulartransaction using the second identifier 28, in some cases without anyadditional data.

Still referring to FIG. 3, the transaction service provider 15 maygenerate a request 30 corresponding to the transaction message 24 toprocess the original transaction. The request 30 may include the secondidentifier 28. The request 30 may also include at least a portion of thetransaction message 24 received from the client device 14. The portionof the transaction message 24 included in the request 30 may includeinformation required to further process the original transaction and mayinclude any of the information previously described in the transactionmessage 24. The request 30 may include information required by theissuer server 20 to process the original transaction. The request 30 maybe transmitted from the transaction to the issuer server 20. The requestmay be transmitted to the issuer server 20 using any means, such as overa private connection or any other secure means. For example, the privateconnection may be transmitted according to International Organizationfor Standardization (ISO) 8583 message protocol.

With continued reference to FIG. 3, in response to receiving the request30, the issuer server 20 may process the request 30 (e.g., authorize,clear, and/or settle the original transaction). Once the issuer server20 has processed the request 30, the issuer server 20 may generate afirst response 32 in connection with the original transaction. Thisfirst response 32 may include a result of processing the originaltransaction, such as the original transaction being approved ordeclined. The first response 32 generated by the issuer server 20 andtransmitted to the transaction service provider 15 may include theunique second identifier 28 of the transaction service provider 15,which was included in the request 30. The first response 32 may betransmitted to the transaction service provider 15 using any means, suchas over a private connection or any other secure method.

Still referring to FIG. 3, in response to receiving the first response32, the transaction service provider 15 may generate a second response34 corresponding to the original transaction. The second response 34 maybe in real-time, relative to the transaction message 24. The secondresponse 34 may include at least a portion of the first response 32. Thesecond response 34 may also include the first identifier 26 and thesecond identifier 28 corresponding to the original transaction. Thesecond response 34 may also include a unique, third identifier 36 (e.g.,a request identifier). The third identifier 36 may be generated and/orassigned by the transaction service provider 15 after receipt of thefirst response 32 from the issuer server 20 and before transmitting thesecond response 34 to the client device 14. The third identifier 36 maybe a unique, transaction service provider-assigned identifier. The thirdidentifier 36 may be in any form, such as an alphanumeric combination orany combination of characters and/or symbols. The transaction serviceprovider 15, in response to generating and/or assigning the thirdidentifier 36, may associate the third identifier 36 with the firstidentifier 26 and/or second identifier 28 in a database to correlate thethree identifiers. The third identifier 36 assigned to a second response34 may be different from the third identifier 36 assigned to a prior orsubsequent second response 34 for the corresponding client device 14 orany other client of the transaction service provider 15. For example,the transaction service provider 15 may assign the third identifier 36to one message corresponding to a transaction such that no other messageof any other transaction has the identical third identifier 36. Thisallows the client device 14 and/or the transaction service provider 15to identify a particular second response 34 between the client device 14and the transaction service provider 15 using the third identifier 36,in some cases without any additional data.

With continued reference to FIG. 3, the second response 34 may betransmitted to the client device 14. The second response 34 may provideinformation to the client device 14 regarding processing of the originaltransaction, such as approval or decline of the original transaction.The second response 34 may include identical information from thatincluded in the first response 32 or may change the information into adifferent format from that included in the first response 32. The secondresponse 34 may be sent to the client device 14 over the public internetconnection, as opposed to over a private connection, for ease of use tothe client device 14.

With continued reference to FIG. 3, a follow-on message 38 may becommunicated from the client device 14 to the transaction serviceprovider 15 regarding the original transaction. A follow-on message 38may be any message corresponding to an original transaction that follows(in time) the corresponding original message 23. It will be appreciatedthat multiple follow-on messages 38 may be communicated from the clientdevice 14 to the transaction service provider 15 as needed to processthe transaction. The follow-on message 38 may be sent to the transactionservice provider 15 over a public internet connection, as opposed toover a private connection, for ease of use to the client device 14. Thefollow-on message 38 may be communicated from the client device 14 tothe transaction service provider 15 to: check the status of processingof the original transaction, provide a reversal message (e.g., reversethe original transaction or indicate a refund issued corresponding tothe original transaction), provide a completion message (e.g., indicatecompletion of the original transaction, indicate shipment of the goodsand/or services corresponding to the original transaction, indicateconsumer receipt of the goods and/or services corresponding to theoriginal transaction), or any other action or request associated withthe original transaction. The follow-on message 38 may include the firstidentifier 26 and/or the second identifier 28 previously assigned to theoriginal transaction.

With continued reference to FIG. 3, the client device 14 may communicatethe follow-on message 38 to the transaction service provider 15. Thetransaction service provider 15 may use the first identifier 26 and/orthe second identifier 28 to associate the follow-on message 38 with theoriginal transaction. This allows the transaction service provider 15 tomaintain integrity of the processing of the original transaction suchthat all communications between the client device 14, the transactionservice provider 15, and the issuer server 20 corresponding to theoriginal transaction are matched, compiled, and managed so that theoriginal transaction is accurately and securely processed.

With continued reference to FIG. 3, communications between the clientdevice 14, the transaction service provider 15, and the issuer server 20may be conducted as previously described. However, a new firstidentifier 26 or a new second identifier 28 may not be generated becausethe first identifier 26 and the second identifier 28 from the originaltransaction are still available to preserve transaction integrity. Forsubsequent communications corresponding to follow-on messages 38 sent bythe transaction service provider 15 to the client device 14, a new thirdidentifier 36 may be generated for the new message such that eachmessage sent from the transaction service provider 15 to the clientdevice 14 has a unique third identifier 36. For example, the thirdidentifier 36 corresponding to an original message 23 associated with afirst transaction may be “abc123”. If a first follow-on messageassociated with the first transaction is sent by the client device 14and the transaction service provider 15 returns a response, thatresponse may be assigned a new third identifier 36, which may be“abc124”. If a second follow-on message associated with the firsttransaction is sent by the client device 14 and the transaction serviceprovider 15 returns a response, that response may be assigned a newthird identifier 36, which may be “abc125”. Assigning a new thirdidentifier 36 for each new message communicated form the transactionservice provider 15 to the client device 14 may help to preserveintegrity of the transaction by uniquely identifying each communicationseparately. It will be appreciated that each communication, such as aresponse, sent from the transaction service provider 15 to the clientdevice 14 may include the first identifier 26 and/or the secondidentifier 28, which may remain the same throughout the life cycle ofthe original transaction in order to preserve transaction integrity.

In some non-limiting embodiments or aspects, and with continuedreference to FIG. 3, the follow-on message 38 may be transmitted fromthe client device 14 to the transaction service provider 15 before thesecond response 34 corresponding to the original message 23 iscommunicated from the transaction service provider 15 to the clientdevice 14. For example, the client device 14 may send an originalmessage 23 and a corresponding follow-on message 38 for the sameoriginal transaction before any communication is received back from thetransaction service provider 15. In this scenario, both the originalmessage 23 and the follow-on message 38 may include the same firstidentifier 26, which allows the transaction service provider 15 toassociate the original message 23 with the follow-on message 38. Thisalso allows the client device 14 to be able to follow up with atransaction service provider 15 before receiving any response from thetransaction service provider 15 that includes a transaction serviceprovider-assigned identifier (e.g., a second identifier 28). In othernon-limiting embodiments, the follow-on message 38 may be transmittedfrom the client device 14 to the transaction service provider 15 afterthe second response 34 corresponding to the original message 23 iscommunicated from the transaction service provider 15 to the clientdevice 14.

Referring to FIG. 4A, a non-limiting embodiment or aspect of a system400 for communicating transaction specifications to a transactionservice provider is shown. As previously mentioned, in some non-limitingembodiments or aspects, the client device 14 may communicate with thetransaction processing server 18 in order to process an originaltransaction. This communication may occur, for instance, over a publicinternet connection, while still securely and accurately maintainingtransaction integrity. In order to process the original transaction, theclient device 14 may communicate data corresponding to the originaltransaction to the transaction processing server 18, such as in atransaction message 24, as previously described. The client device 14may communicate full specifications 40 a (hereinafter “full specs”)corresponding to the original transaction, which may include allavailable and/or relevant data for processing the original transaction.These full specs 40 a a may include, for example, the followingtransaction parameters: consumer name, consumer's portable financialdevice account identifier (e.g., 16 digit PAN), goods and/or servicespurchased, type of goods and/or services purchased, quantity of goodsand/or services purchased, barcode data and/or unique identifier(s)corresponding to the goods and/or services purchased, merchant name,merchant identification, merchant category, merchant address and othercontact information, location of sale, point of sale details, acquirerdetails (e.g., acquirer bank identification number (BIN)), and/or thelike corresponding to the original transaction. It will be appreciatedthat other parameters regarding the original transaction may be includedin the full specs 40 a, as the above list is non-limiting. Thetransaction processing server 18 may communicate at least some of thefull specs 40 a to the issuer server 20 for further processing of theoriginal transaction.

With reference to FIG. 4B, a non-limiting embodiment or aspect of asystem 450 for augmenting transaction specifications submitted to atransaction service provider is shown. In some non-limiting embodimentsor aspects, the client device 14 may not be required to communicate thefull specs 40 a to the transaction processing server 18 in order forprocessing of the original transaction. Instead, in some non-limitingembodiments or aspects, the client device 14 may communicate onlyreduced specs 40 b to the transaction processing server 18 in order tofurther process the original transaction. As used herein, the term“reduced specs” may refer to some subset of transaction parameters ofthe full specs, but not all of the data included in the full specs. Forexample, in non-limiting embodiments, the reduced specs 40 b may includeonly the data from the client device 14 that may be variable fromtransaction to transaction. Using only reduced specs 40 b provided bythe client device 14 is advantageous because it eases the burden on theclient device 14 by requiring less data be communicated to thetransaction processing server 18 in order to process an originaltransaction.

Still referring to FIG. 4B, in order to process transactions using onlyreduced specs 40 b provided by the client device 14, the transactionservice provider may store data, such as transaction parameters, in astorage database 42. For example, the data may include transactionparameters from the full specs 40 a that may not change from transactionto transaction. The data stored in the storage database 42 may becommunicated from the client device 14 to the storage database 42separate from any transaction, such as at the initiation of a businessrelationship between a merchant and the transaction service provider 15.The data stored in the storage database 42 may be communicated from theclient device 14 to the storage database 42 during the first originaltransaction communicated by the client device 14 to the transactionprocessing server 18 (e.g., using full specs 40 a), such that therelevant data is extracted from that first original transaction andstored in the storage database 42. The data from the storage database 42may then be used for each transaction communicated from the clientdevice 14 to the transaction processing server 18 after the firstoriginal transaction (e.g., using reduced specs 40 b).

With continued reference to FIG. 4B, original transactions may beprocessed using only reduced specs 40 b corresponding to the originaltransaction using an augmentation processor 44. The augmentationprocessor 44 may be a separate processor from the transaction processingserver 18 or, in other embodiments, the transaction processing server 18may act as the augmentation processor 44. The augmentation processor 44may be hosted by or on behalf of the transaction service provider 15. Toprocess an original transaction, the augmentation processor 44 mayreceive reduced specs 40 b corresponding to an original transaction. Theaugmentation processor 44, in response to receiving the reduced specs 40b, may query the storage database 42 to identify correspondingtransaction parameters to augment the reduced specs 40 b with. In somenon-limiting embodiments or aspects, the data provided by the storagedatabase 42 to augment the reduced specs 40 b may include merchant name,merchant identifier, merchant classification, merchant address and othercontact information, location of sale, point-of-sale details, acquirerdetails, and other details that do not change from transaction totransaction. The reduced specs 40 b may include the transactionparameters that may change from transaction to transaction, such asconsumer's portable financial device account identifier, goods and/orservices purchased, type of goods and/or services purchased, quantity ofgoods and/or services purchased, and/or barcode data or other uniqueidentifier(s) corresponding to the goods and/or services purchased. Theaugmentation processor may augmenting the reduced specs 40 b bygenerating a transaction message having full specs 40 a, either as a newtransaction message or a modified transaction message. The augmentationprocessor 44 may communicate all or some subset of the reduced specs 40b and the transaction parameters from the storage database 42, all ofwhich may correspond to the original transaction, to the transactionprocessing server 18 separately or combined into a transaction message.The transaction processing server 18 may communicate at least some ofthis data from the augmentation processor 44 to the issuer server 20 forfurther processing of the original transaction.

Referring to FIG. 5, a non-limiting embodiment or aspect of a method 500for maintaining transaction integrity for transactions conducted over apublic network is shown. At a step 502 the transaction processing server18 may receive the transaction message 24 from the client device 14. Thetransaction message 24 may correspond to an original transaction betweena merchant system 12 and a consumer 10. The transaction message 24 sentfrom the client device 14 to the transaction processing server 18 mayinclude the unique, client-assigned first identifier 26. The firstidentifier 26 may allow the client device 14 and/or the transactionservice provider 15 to identify each transaction communicated to thetransaction processing server 18. The transaction message 24 may includefull specs 40 a or reduced specs 40 b. The transaction message may becommunicated to the transaction processing server 18 over the internet16.

Referring to FIG. 5, a non-limiting embodiment of a method 500 formaintaining transaction integrity for transactions conducted over apublic network is shown. At a step 502 the transaction processing server18 may receive the transaction message 24 from the client device 14. Thetransaction message 24 may correspond to an original transaction betweena merchant system 12 and a consumer 10. The transaction message 24 sentfrom the client device 14 to the transaction processing server 18 mayinclude the unique, client-assigned first identifier 26. The firstidentifier 26 may allow the client device 14 and/or the transactionservice provider 15 to identify each transaction communicated to thetransaction processing server 18. The transaction message 24 may includefull specs 40 a or reduced specs 40 b. The transaction message may becommunicated to the transaction processing server 18 over the internet16.

With continued reference to FIG. 5, at a step 504, the transactionprocessing server 18 may assign the unique second identifier 28 to theoriginal transaction. This may be done in response to receiving thetransaction message 24 from the client device 14, and the secondidentifier 28 may be different from the first identifier 26. The secondidentifier 28 may allow the client device 14 and/or the transactionservice provider 15 to identify each transaction communicated to thetransaction processing server 18. At a step 506, the transactionprocessing server 18 may generate a request 30 to process the originaltransaction. The request 30 may include at least a portion of thetransaction message 24 required to further process the originaltransaction. The request may also include the second identifier 28. At astep 508, the transaction processing server 18 may transmit the request30 to the issuer server 20. The request 30 may be communicated to theissuer server 20 using any secure means, such as over a secure privateconnection.

With continued reference to FIG. 5, in response to receiving the request30, the issuer server 20 may process the request 30 corresponding to theoriginal transaction and generate and communicate the first response 32.At a step 510, the transaction processing server 18 receives the firstresponse 32 communicated by the issuer server 20. The first response 32may be communicated to the transaction processing server 18 using anysecure means, such as over a secure private connection. The firstresponse 32 may include the second identifier 28, which was provided tothe issuer server 20 in the request 30. The first response 32 maycorrespond to the original transaction, and may indicate whether theoriginal transaction is approved or declined.

With continued reference to FIG. 5, at a step 512, the transactionprocessing server 18 may generate a second response 34 in response toreceiving the first response 32. The second response 34 may correspondto the original transaction and may include at least some of theinformation contained in the first response 32, such as an indication ofwhether the original transaction is approved or declined. The secondresponse 34 may include identical information from that included in thefirst response 32 or may change the information into a different formatfrom that included in the first response 32. The second response 34 mayalso include the first identifier 26 and the second identifier 28corresponding to the original transaction. The second response 34 mayalso include a unique, third identifier 36 assigned by the transactionservice provider 15. At a step 514, the transaction processing server 18may transmit the second response 34 to the client device 14 over thepublic internet connection.

Referring to FIG. 6, a non-limiting embodiment or aspect of a method 600for maintaining transaction integrity for transactions performed over apublic network is shown. At a step 602, the transaction processingserver 18 may receive a transaction message 24 from the client device 14corresponding to an original transaction, and the transaction messagemay be identical in form and/or content as described in step 502 ofmethod 500 shown in FIG. 5. The transaction message 24 may becommunicated from the client device 14 to the transaction processingserver 18 via the public internet connection, rather than a privatenetwork. At a step 604, the transaction processing server 18 maygenerate a request 30 to process the original transaction, the requestincluding at least a portion of the original transaction message 24, andthis step 604 may be performed in the same manner as step 506 of method500. At a step 606, the transaction processing server 18 may transmitthe request 30 to the issuer server 20 to process the originaltransaction, and this step 606 may be performed in the same manner asstep 508 of method 500. At a step 608, the transaction processing server18 may receive the first response 32 from the issuer server 20corresponding to the original transaction, and this step 608 may beperformed in the same manner as step 510 of method 500. At a step 610,in response to receiving the first response 32, the transactionprocessing server 18 may generate the second response 34 correspondingto the original transaction, the second response 34 including the firstidentifier 26, and this step 610 may be performed in the same manner asstep 512 of method 500. At a step 612, the transaction processing server18 may transmit the second response 34 to the client device 14. Thesecond response 34 may be communicated from the transaction processingserver 18 to the client device 14 via the public internet connection.

Referring to FIG. 7, a non-limiting embodiment or aspect of a method 700for augmenting transaction specifications submitted to a transactionservice provider 15 is shown. At a step 702, the client device 14 maycommunicate transaction parameters associated with the client device 14and/or merchant system 12 to be stored in the storage database 42. Insome non-limiting embodiments or aspects, the transaction parameters maybe communicated to the transaction processing server 18 or other systemmanaged or controlled by or on behalf of the transaction serviceprovider 15 to then be stored in the storage database 42. In somenon-limiting embodiments or aspects, the data may be communicated fromthe client device 14 directly to the storage database 42. Thetransaction parameters stored and associated with the client device 14may be transaction parameters that do not change from transaction totransaction. The transaction parameters stored in the storage database42 may be communicated from the client device 14 to the storage database42 separate from any transaction, such as at the initiation of abusiness relationship between the merchant system 12 and the transactionservice provider 15. The data stored in the storage database 42 may alsobe communicated from the client device 14 to the storage database 42during a first original transaction communicated by the client device 14to the transaction processing server 18, such that the relevant data isextracted from that first original transaction and stored in the storagedatabase 42. The transaction parameters from the storage database 42 maythen be used for each transaction communicated from the client device 14to the transaction processing server 18 after the first originaltransaction.

With continued reference to FIG. 7, the client device 14 may communicatethe previously described reduced specs 40 b to the augmentationprocessor 44 for processing of the original transaction. At a step 704,the augmentation processor 44 may augment the transaction message 24including the reduced specs 40 b with the data stored in the storagedatabase 42 associated with the client device 14 or with the merchantsystem 12 associated with the client device 14. The reduced specs 40 bmay include the transaction parameters that may change from transactionto transaction, such as consumer's portable financial device accountidentifier, goods and/or services purchased, type of goods and/orservices purchased, quantity of goods and/or services purchased, orbarcode data and/or unique identifier(s) corresponding to the goodsand/or services purchased.

Referring to FIG. 8, a non-limiting embodiment or aspect of a method 800for associating a follow-on message 38 with an original transaction isshown. As previously described, the client device 14 may communicate theoriginal message 23 as the transaction message 24 to the transactionprocessing server 18 corresponding to an original transaction. Afterthis original message 23, the client device 14 may communicate one ormore follow-on messages 38 to the transaction processing server 18. Thefollow-on message 38 may be sent to the transaction processing server 18over a public internet connection, rather than a private network, forease of use to the client device 14. The follow-on message 38 may becommunicated from the client device 14 to the transaction processingserver 18 for any for the previously described reasons. The follow-onmessage 38 may include the first identifier 26 and/or the secondidentifier 28 previously assigned to the original transaction. At a step802, the transaction processing server 18 may receive the follow-onmessage 38 from the client device 14 or the merchant system 12associated with the client device 14. The follow-on message 38 may besent to the transaction processing server 18 over a public internetconnection. At a step 804, the transaction processing server 18 mayassociate the follow-on message 38 received with the originaltransaction. The transaction processing server 18 may use the firstidentifier 26 and/or the second identifier 28 to associate the follow-onmessage 38 with the original transaction. This allows the transactionprocessing server 18 to maintain integrity of the processing of theoriginal transaction such that all communications between the clientdevice 14, the transaction processing server 18, and the issuer server20 corresponding to the original transaction are matched, compiled, andmanaged so that the original transaction is accurately and securelyprocessed.

EXAMPLE

The following example is provided to illustrate a non-limitingembodiment or aspect of the system, method, and computer program productfor maintaining transaction integrity for transactions conducted over apublic network, and is not meant to limit the disclosure in any way.

According to a non-limiting embodiment or aspect, Customer A (e.g., aconsumer 10) purchases goods and/or services (e.g., clothing) from BigBox Store (e.g., a merchant) having a Big Box Store POS device (e.g., amerchant system 12). First Acquirer Bank is the acquirer bank having aFirst Acquirer Bank Server (e.g., acquirer server 22) of Big Box Store;however, in some non-limiting embodiments or aspects, Big Box Store isthe acquirer. In this example, Big Box Store is a client, having aclient system 11, of First Credit Card Company (e.g., a transactionservice provider 15) having a First Credit Card Company Server (e.g.,transaction processing server 18). However, in other examples, theacquirer of the merchant (e.g., First Acquirer Bank) is the client,having a client system 11, of First Credit Card Company. In atransaction for the clothing between Customer A and Big Box Store (theoriginal transaction), a Big Box Store POS device (e.g., a client device14) managed by or on behalf of Big Box Store communicates an originalmessage 23, which is a transaction message 24, as an API call to FirstCredit Card Company Server. Big Box Store POS device accesses the APIusing any means, such as using a website or mobile application. Big BoxStore develops its own application to interface with First Credit CardCompany Server's API. The transaction message 24 includes any of thedata previously described that is relevant to processing the originaltransaction. The transaction message 24 is communicated from Big BoxStore POS device to First Credit Card Company Server over a publicinternet connection, such as using the hypertext transfer protocol (HTTPprotocol).

The transaction message 24 includes a unique first identifier 26assigned by Big Box Store POS device. The transaction message 24includes full specs 40 a, as previously described. Alternatively, thetransaction message 24 includes reduced specs 40 b, and the storagedatabase 42 of First Credit Card Company Server provides the balance ofthe relevant data to the augmentation processor of First Credit CardCompany (e.g., an augmentation processor 44). All of the relevant datafor processing the original transaction is communicated to First CreditCard Company Server. First Credit Card Company Server assigns a uniquesecond identifier 28 to the original transaction in response toreceiving the transaction message 24. First Credit Card Company Servergenerates a request 30 to process the original transaction, and thisrequest 30 includes at least a portion of the transaction message 24from Big Box Store POS device and the second identifier 28. First CreditCard Company Server then communicates the request 30 to First IssuerBank Server to further process the original transaction, such as toauthorize, clear, and/or settle the original transaction. The request 30is communicated from First Credit Card Company Server to First IssuerBank Server using a private connection.

After processing the request 30, First Issuer Bank Server generates afirst response 32 to the request, such as authorizing or declining theoriginal transaction. First Issuer Bank Server then communicates thefirst response 32 to First Credit Card Company Server using the privateconnection, and the first response includes the second identifier 28. Inresponse to receiving the first response 32, First Credit Card CompanyServer generates a second response 34 corresponding to the originaltransaction. The second response 34 includes the first identifier 26 andthe second identifier 28, and also includes at least a portion of thefirst response 32, such as an indication of whether the originaltransaction is approved or declined. First Credit Card Company Serveralso assigns a unique, third identifier 36 to include in the secondresponse 34. First Credit Card Company Server then communicates thesecond response 34 to Big Box Store POS device. The first response 32from First Issuer Bank Server allows the original transaction betweenCustomer A and Big Box Store POS device to proceed (if approved) ordeclines the original transaction.

Big Box Store POS device also sends a follow-on message 38 (after theoriginal message 23 in time) to First Credit Card Company Serverassociated with subsequent activity corresponding to the originaltransaction. The follow-on message 38 includes the first identifierassigned by Big Box Store POS device in the transaction message 24 (theoriginal message 23). Big Box Store POS device communicates thefollow-on message 38 to First Credit Card Company Server for any numberof reasons. For example, Big Box Store POS device sends the follow-onmessage 38 to check the status of processing the original transactions(e.g., in a case in which Big Box Store POS device has not received anyresponse from First Credit Card Company Server). As another example, BigBox Store POS device sends a follow-on message 38 to reverse theoriginal transaction (such as an inadvertently made purchase or a returnof the clothing that includes a refund being issued). As anotherexample, Big Box Store POS device sends the follow-on message 38 toprovide a completion message to indicate completion of the originaltransaction, indicate shipment of the goods and/or servicescorresponding to the original transaction, or indicate consumer receiptof the goods and/or services corresponding to the original transaction.Big Box Store POS device may send First Credit Card Company Server thefollow-on message 38 corresponding to the original transaction for anyother reason. First Credit Card Company Server associates the follow-onmessage 38 from Big Box Store POS device with the original transaction,such as using the first identifier 26 and/or the second identifier 28.

The system, method, and computer program product for maintainingtransaction integrity for transactions performed over a public networkaccording to the above example allows client devices 14 to transmittransaction messages 24 to the transaction processing server 18 over apublic network, such as over the internet 16, while still maintainingtransaction integrity. Further, the client-assigned first identifier 26is later used in reference to the transaction being submitted to allowtransaction integrity to be maintained. Further, the client device 14submits follow-on messages 38 corresponding to an original transactionthat can be matched to the original transaction by the transactionprocessing server 18 to maintain transaction integrity. An augmentingaction is performed by the transaction service provider 15 to augmentdata submitted regarding a transaction so that the client device 14needs to only submit the reduced spec 40 b.

Although the disclosure has been described in detail for the purpose ofillustration based on what is currently considered to be the mostpractical and preferred embodiments, it is to be understood that suchdetail is solely for that purpose and that the disclosure is not limitedto the disclosed embodiments, but, on the contrary, is intended to covermodifications and equivalent arrangements that are within the spirit andscope of the appended claims. For example, it is to be understood thatthe present disclosure contemplates that, to the extent possible, one ormore features of any embodiment can be combined with one or morefeatures of any other embodiment.

The invention claimed is:
 1. A method of maintaining transactionintegrity for transactions performed over a public network, comprising:receiving, from a client device, a transaction message corresponding toan original transaction, the transaction message comprising a unique,client-assigned, first identifier; in response to receiving thetransaction message, assigning a unique, second identifier to theoriginal transaction; generating a request to process the originaltransaction comprising at least a portion of the transaction message andthe second identifier; transmitting the request to an issuer server toprocess the original transaction; receiving a first response from theissuer server in connection with the original transaction; in responseto the first response, generating a second response corresponding to theoriginal transaction, the second response comprising the firstidentifier and the second identifier; transmitting the second responseto the client device; receiving a follow-on message from the clientdevice, the follow-on message comprising the first identifier, whereinthe follow-on message comprises a request and/or action associated withthe original transaction; analyzing the follow-on message to identifythe first identifier and the request and/or action associated with theoriginal transaction; based on the identified first identifier,associating the follow-on message with the original transaction; andexecuting the identified request and/or action associated with theoriginal transaction.
 2. The method of claim 1, wherein after receivingthe first response, a unique, third identifier is assigned and includedin the second response.
 3. The method of claim 1, further comprising:storing data associated with the client device or a merchant or acquirerassociated with the client device; and augmenting the transactionmessage with the stored data associated with the client device or themerchant associated with the client device.
 4. The method of claim 1,wherein the transaction message is received via a public internetconnection.
 5. The method of claim 1, wherein the first identifier isgenerated by the client device.
 6. The method of claim 1, wherein aplurality of transaction messages are received from the client device,wherein each of the plurality of transaction messages comprises a firstidentifier, and wherein the first identifier of each transaction messageis different from the first identifier of the other transactionmessages.
 7. The method of claim 1, wherein the request and/or actionassociated with the original transaction comprises at least one of areversal message and a completion message.
 8. The method of claim 1,wherein each response generated and transmitted to the client devicecorresponding to the original transaction comprises the first identifiercontained in the transaction message corresponding to the originaltransaction.
 9. The method of claim 1, wherein the follow-on message isreceived and associated with the original transaction before the secondresponse is transmitted to the client device.
 10. A system formaintaining transaction integrity for transactions performed over apublic network, comprising at least one server computer including atleast one processor, the at least one server computer programmed and/orconfigured to: receive, from a client device, a transaction messagecorresponding to an original transaction, the transaction messagecomprising a unique, client-assigned, first identifier; in response toreceiving the transaction message, assign a unique, second identifier tothe original transaction; generate a request to process the originaltransaction comprising at least a portion of the transaction message andthe second identifier; transmit the request to an issuer server toprocess the original transaction; receive a first response from theissuer server in connection with the original transaction; in responseto the first response, generate a second response corresponding to theoriginal transaction comprising the first identifier and the secondidentifier; transmit the second response to the client device; receive afollow-on message from the client device, the follow-on messagecomprising the first identifier, wherein the follow-on message comprisesa request and/or action associated with the original transaction;analyze the follow-on message to identify the first identifier and therequest and/or action associated with the original transaction; based onthe identified first identifier, associate the follow-on message withthe original transaction; and execute the identified request and/oraction associated with the original transaction.
 11. The system of claim10, wherein the at least one server computer is further programmedand/or configured to: after receiving the first response, assign aunique, third identifier and include the third identifier in the secondresponse.
 12. The system of claim 10, wherein the at least one servercomputer is further programmed and/or configured to: store dataassociated with the client device or a merchant or acquirer associatedwith the client device; and augment the transaction message with thestored data associated with the client device or the merchant associatedwith the client device.
 13. The system of claim 10, wherein thetransaction message is received via a public internet connection. 14.The system of claim 10, wherein the first identifier is generated by aclient associated with the client device.
 15. The system of claim 10,wherein the at least one server computer is further programmed and/orconfigured to: receive a plurality of transaction messages from theclient device, wherein each of the plurality of transaction messagescomprises a first identifier, wherein the first identifier of eachtransaction message is different from the first identifier of the othertransaction messages.
 16. The system of claim 10, wherein each responsegenerated and transmitted to the client device corresponding to theoriginal transaction comprises the first identifier contained in thetransaction message corresponding to the original transaction.
 17. Thesystem of claim 10, wherein the at least one server computer is furtherprogrammed and/or configured to receive and associate the follow-onmessage with the original transaction before the second response istransmitted to the client device.
 18. A method of maintainingtransaction integrity for transactions performed over a public network,comprising: providing an application programming interface (API) toenable communication with a client device over a public internetconnection to process transactions; receiving, from the client devicevia the API, a transaction message corresponding to an originaltransaction via the public internet connection, the transaction messagecomprising a unique, client-assigned, first identifier; in response toreceiving the transaction message, generating a request to process theoriginal transaction comprising at least a portion of the transactionmessage; transmitting the request to an issuer server to process theoriginal transaction; receiving a first response from the issuer servercorresponding to the original transaction; in response to receiving thefirst response, generating a second response corresponding to theoriginal transaction comprising the first identifier; transmitting, tothe client device via the API, the second response via the publicinternet connection; receiving a follow-on message from the clientdevice via the API, the follow-on message comprising the firstidentifier, wherein the follow-on message comprises a request and/oraction associated with the original transaction; analyzing the follow-onmessage to identify the first identifier and the request and/or actionassociated with the original transaction; based on the identified firstidentifier, associating the follow-on message with the originaltransaction; and executing the identified request and/or actionassociated with the original transaction.
 19. The system of claim 10,wherein the request and/or action associated with the originaltransaction comprises at least one of a reversal message and acompletion message.